General
Target: 6409a699e5cca.dll
Size: 670KB
Sample: 230309-lgaeeaaf4y
MD5: bbcc8ce7492115e5970d0b47f9432f07
SHA1: 9514f33b0e0ce4814c422c754f5181a9337b6d4b
SHA256: 715cd8f5ce329b92ed0361a50ce7cc90e7b34746380542c040b85d09d3a4fcff
SHA512: 399b533f25317f0a83cc585929768908cbd09eff7a83a99afc2aa975b8a3dde2d02c450b6f5911ef2cff0ad9998673629fff0e59e6f562c0f49913611b0059fe
SSDEEP: 12288:fcmMRzyQI3Ng+k+f1EuzWrlKkI3I6SZk95VnedDBJhx0W:NMR+93k82uyr0zIfrD
Static task: static1
Behavioral task: behavioral1
Sample: 6409a699e5cca.dll
Resource: win7-20230220-en
Malware Config
Extracted
gozi
5050
https://config.edge.skype.com
157.254.195.117
91.215.85.151
base_path: /jerry/
build: 250255
exe_type: loader
extension: .bob
server_id: 50